<?php namespace BookStack\Services;

use BookStack\Http\Requests\Request;
use GuzzleHttp\Exception\ClientException;
use Laravel\Socialite\Contracts\Factory as Socialite;
use BookStack\Exceptions\SocialDriverNotConfigured;
use BookStack\Exceptions\SocialSignInException;
use BookStack\Exceptions\UserRegistrationException;
use BookStack\Repos\UserRepo;
use BookStack\SocialAccount;

							|  |  |  | class SocialAuthService | 
					
						
							|  |  |  | { | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     protected $userRepo; | 
					
						
							|  |  |  |     protected $socialite; | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     protected $socialAccount; | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-11-26 23:41:29 +08:00
										 |  |  |     protected $validSocialDrivers = ['google', 'github', 'facebook', 'slack', 'twitter', 'azure', 'okta']; | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * SocialAuthService constructor. | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |      * @param UserRepo      $userRepo | 
					
						
							|  |  |  |      * @param Socialite     $socialite | 
					
						
							|  |  |  |      * @param SocialAccount $socialAccount | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     public function __construct(UserRepo $userRepo, Socialite $socialite, SocialAccount $socialAccount) | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |     { | 
					
						
							|  |  |  |         $this->userRepo = $userRepo; | 
					
						
							|  |  |  |         $this->socialite = $socialite; | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |         $this->socialAccount = $socialAccount; | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Start the social login path. | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |      * @param string $socialDriver | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |      * @return \Symfony\Component\HttpFoundation\RedirectResponse | 
					
						
							|  |  |  |      * @throws SocialDriverNotConfigured | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function startLogIn($socialDriver) | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |     { | 
					
						
							|  |  |  |         $driver = $this->validateDriver($socialDriver); | 
					
						
							|  |  |  |         return $this->socialite->driver($driver)->redirect(); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |      * Start the social registration process | 
					
						
							|  |  |  |      * @param string $socialDriver | 
					
						
							|  |  |  |      * @return \Symfony\Component\HttpFoundation\RedirectResponse | 
					
						
							|  |  |  |      * @throws SocialDriverNotConfigured | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function startRegister($socialDriver) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $driver = $this->validateDriver($socialDriver); | 
					
						
							|  |  |  |         return $this->socialite->driver($driver)->redirect(); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Handle the social registration process on callback. | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |      * @param $socialDriver | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |      * @return \Laravel\Socialite\Contracts\User | 
					
						
							|  |  |  |      * @throws SocialDriverNotConfigured | 
					
						
							|  |  |  |      * @throws UserRegistrationException | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function handleRegistrationCallback($socialDriver) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $driver = $this->validateDriver($socialDriver); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // Get user details from social driver
 | 
					
						
							|  |  |  |         $socialUser = $this->socialite->driver($driver)->user(); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // Check social account has not already been used
 | 
					
						
							|  |  |  |         if ($this->socialAccount->where('driver_id', '=', $socialUser->getId())->exists()) { | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |             throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount'=>$socialDriver]), '/login'); | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-01-10 03:23:35 +08:00
										 |  |  |         if ($this->userRepo->getByEmail($socialUser->getEmail())) { | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |             $email = $socialUser->getEmail(); | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |             throw new UserRegistrationException(trans('errors.social_account_in_use', ['socialAccount'=>$socialDriver, 'email' => $email]), '/login'); | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return $socialUser; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Handle the login process on a oAuth callback. | 
					
						
							|  |  |  |      * @param $socialDriver | 
					
						
							|  |  |  |      * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |      * @throws SocialDriverNotConfigured | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |      * @throws SocialSignInException | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |     public function handleLoginCallback($socialDriver) | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |     { | 
					
						
							|  |  |  |         $driver = $this->validateDriver($socialDriver); | 
					
						
							|  |  |  |         // Get user details from social driver
 | 
					
						
							|  |  |  |         $socialUser = $this->socialite->driver($driver)->user(); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |         $socialId = $socialUser->getId(); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // Get any attached social accounts or users
 | 
					
						
							|  |  |  |         $socialAccount = $this->socialAccount->where('driver_id', '=', $socialId)->first(); | 
					
						
							| 
									
										
										
										
											2015-09-05 19:29:47 +08:00
										 |  |  |         $isLoggedIn = auth()->check(); | 
					
						
							| 
									
										
										
										
											2016-09-29 19:43:46 +08:00
										 |  |  |         $currentUser = user(); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-09-06 00:42:05 +08:00
										 |  |  |         // When a user is not logged in and a matching SocialAccount exists,
 | 
					
						
							|  |  |  |         // Simply log the user into the application.
 | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |         if (!$isLoggedIn && $socialAccount !== null) { | 
					
						
							| 
									
										
										
										
											2017-09-15 03:20:47 +08:00
										 |  |  |             auth()->login($socialAccount->user); | 
					
						
							|  |  |  |             return redirect()->intended('/'); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // When a user is logged in but the social account does not exist,
 | 
					
						
							|  |  |  |         // Create the social account and attach it to the user & redirect to the profile page.
 | 
					
						
							|  |  |  |         if ($isLoggedIn && $socialAccount === null) { | 
					
						
							|  |  |  |             $this->fillSocialAccount($socialDriver, $socialUser); | 
					
						
							|  |  |  |             $currentUser->socialAccounts()->save($this->socialAccount); | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |             session()->flash('success', trans('settings.users_social_connected', ['socialAccount' => title_case($socialDriver)])); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |             return redirect($currentUser->getEditUrl()); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // When a user is logged in and the social account exists and is already linked to the current user.
 | 
					
						
							|  |  |  |         if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id === $currentUser->id) { | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |             session()->flash('error', trans('errors.social_account_existing', ['socialAccount' => title_case($socialDriver)])); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |             return redirect($currentUser->getEditUrl()); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         // When a user is logged in, A social account exists but the users do not match.
 | 
					
						
							|  |  |  |         if ($isLoggedIn && $socialAccount !== null && $socialAccount->user->id != $currentUser->id) { | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |             session()->flash('error', trans('errors.social_account_already_used_existing', ['socialAccount' => title_case($socialDriver)])); | 
					
						
							| 
									
										
										
										
											2015-09-06 00:42:05 +08:00
										 |  |  |             return redirect($currentUser->getEditUrl()); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-09-06 00:42:05 +08:00
										 |  |  |         // Otherwise let the user know this social account is not used by anyone.
 | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |         $message = trans('errors.social_account_not_used', ['socialAccount' => title_case($socialDriver)]); | 
					
						
							| 
									
										
										
										
											2016-03-06 20:55:08 +08:00
										 |  |  |         if (setting('registration-enabled')) { | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |             $message .= trans('errors.social_account_register_instructions', ['socialAccount' => title_case($socialDriver)]); | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |         } | 
					
						
							| 
									
										
										
										
											2016-08-14 19:29:35 +08:00
										 |  |  |          | 
					
						
							| 
									
										
										
										
											2017-12-09 21:32:45 +08:00
										 |  |  |         throw new SocialSignInException($message, '/login'); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Ensure the social driver is correct and supported. | 
					
						
							|  |  |  |      * | 
					
						
							|  |  |  |      * @param $socialDriver | 
					
						
							|  |  |  |      * @return string | 
					
						
							|  |  |  |      * @throws SocialDriverNotConfigured | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     private function validateDriver($socialDriver) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $driver = trim(strtolower($socialDriver)); | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |         if (!in_array($driver, $this->validSocialDrivers)) abort(404, trans('errors.social_driver_not_found')); | 
					
						
							|  |  |  |         if (!$this->checkDriverConfigured($driver)) throw new SocialDriverNotConfigured(trans('errors.social_driver_not_configured', ['socialAccount' => title_case($socialDriver)])); | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  |         return $driver; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Check a social driver has been configured correctly. | 
					
						
							|  |  |  |      * @param $driver | 
					
						
							|  |  |  |      * @return bool | 
					
						
							|  |  |  |      */ | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     private function checkDriverConfigured($driver) | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-01-10 03:23:35 +08:00
										 |  |  |         $lowerName = strtolower($driver); | 
					
						
							|  |  |  |         $configPrefix = 'services.' . $lowerName . '.'; | 
					
						
							|  |  |  |         $config = [config($configPrefix . 'client_id'), config($configPrefix . 'client_secret'), config('services.callback_url')]; | 
					
						
							|  |  |  |         return !in_array(false, $config) && !in_array(null, $config); | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Gets the names of the active social drivers. | 
					
						
							|  |  |  |      * @return array | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getActiveDrivers() | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         $activeDrivers = []; | 
					
						
							| 
									
										
										
										
											2017-02-05 23:28:53 +08:00
										 |  |  |         foreach ($this->validSocialDrivers as $driverKey) { | 
					
						
							|  |  |  |             if ($this->checkDriverConfigured($driverKey)) { | 
					
						
							|  |  |  |                 $activeDrivers[$driverKey] = $this->getDriverName($driverKey); | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  |             } | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |         return $activeDrivers; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-02-05 23:28:53 +08:00
										 |  |  |     /** | 
					
						
							|  |  |  |      * Get the presentational name for a driver. | 
					
						
							|  |  |  |      * @param $driver | 
					
						
							|  |  |  |      * @return mixed | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function getDriverName($driver) | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |         return config('services.' . strtolower($driver) . '.name'); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     /** | 
					
						
							| 
									
										
										
										
											2016-01-10 03:23:35 +08:00
										 |  |  |      * @param string                            $socialDriver | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |      * @param \Laravel\Socialite\Contracts\User $socialUser | 
					
						
							|  |  |  |      * @return SocialAccount | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |      */ | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |     public function fillSocialAccount($socialDriver, $socialUser) | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     { | 
					
						
							|  |  |  |         $this->socialAccount->fill([ | 
					
						
							|  |  |  |             'driver'    => $socialDriver, | 
					
						
							|  |  |  |             'driver_id' => $socialUser->getId(), | 
					
						
							|  |  |  |             'avatar'    => $socialUser->getAvatar() | 
					
						
							|  |  |  |         ]); | 
					
						
							| 
									
										
										
										
											2015-09-06 19:14:32 +08:00
										 |  |  |         return $this->socialAccount; | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     /** | 
					
						
							|  |  |  |      * Detach a social account from a user. | 
					
						
							|  |  |  |      * @param $socialDriver | 
					
						
							|  |  |  |      * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector | 
					
						
							|  |  |  |      */ | 
					
						
							|  |  |  |     public function detachSocialAccount($socialDriver) | 
					
						
							|  |  |  |     { | 
					
						
							| 
									
										
										
										
											2016-09-29 19:43:46 +08:00
										 |  |  |         user()->socialAccounts()->where('driver', '=', $socialDriver)->delete(); | 
					
						
							| 
									
										
										
										
											2016-12-05 00:51:39 +08:00
										 |  |  |         session()->flash('success', trans('settings.users_social_disconnected', ['socialAccount' => title_case($socialDriver)])); | 
					
						
							| 
									
										
										
										
											2016-09-29 19:43:46 +08:00
										 |  |  |         return redirect(user()->getEditUrl()); | 
					
						
							| 
									
										
										
										
											2015-09-05 03:40:36 +08:00
										 |  |  |     } | 
					
						
							| 
									
										
										
										
											2015-09-05 00:50:52 +08:00
										 |  |  | 
 | 
					
						
							|  |  |  | } |